const cors = require("@koa/cors");
exports.cors = () => {
    return cors({
        origin: (ctx) => {
            // 仅允许指定域名跨域
            const whiteList = [
                "http://localhost", // 新增：HTTP 协议，无端口（等价于 80）
                "http://localhost:80", // 保留：HTTP 协议，带端口
                "https://localhost"
            ];
            return whiteList.includes(ctx.header.origin) ? ctx.header.origin : false;
        },
        allowMethods: ["GET", "POST", "PUT", "DELETE"],
        allowHeaders: ["Content-Type", "Authorization", "X-Requested-With"],
        credentials: true,
        maxAge: 7 * 24 * 60 * 60 // 预检请求缓存有效期
    });
};
